If I have a JWT token signed by HS256 algorithm (symmetric compared with RS256), how should I configure the
RequestAuthentication to verify it?
If I know it is signed by using some secret
<some private secret>, where should I put it in the yaml?
Should I inline it in
jwks field? If so, how should I generate such an inline